235f0b900df1215c34a9ce49f2358a81f37054c16ea7fbb263254f986fba7d6c

Sharing

Copy URL Twitter E-mail

General

Target

235f0b900df1215c34a9ce49f2358a81f37054c16ea7fbb263254f986fba7d6c
Size

363KB
MD5

50aeee0ae602d6196d1c0b936c425c20
SHA1

6e9256dc6c34661f9319c4c5917de4ac5f2815af
SHA256

235f0b900df1215c34a9ce49f2358a81f37054c16ea7fbb263254f986fba7d6c
SHA512

a6f8ee8235a7cea164a04c1a25fb1add52d745198f989c157d24d6db5eb8f30b4cba7c592751893c681d0e0ed0469cf20ccc0b78b3c32b9a5c8df1b38aadac33
SSDEEP

6144:VCIft1gnlXh9Z75HxGfPWnihv06/ONiJtraWhR+MNggKOoKassBO7x4gruL5rn:VPgnlfH+bGNiJtGW7+MCKassBO7xUVL

Score

N/A

Malware Config

Signatures

Files

235f0b900df1215c34a9ce49f2358a81f37054c16ea7fbb263254f986fba7d6c
.exe windows x86

4d52c2c4e145b7748b92dff407047e01

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetSidIdentifierAuthority
RegOpenKeyW
CloseServiceHandle
RegCloseKey
QueryServiceStatus
RegQueryValueExW
OpenSCManagerW
StartServiceW
IsValidSid
LookupAccountSidA
CreateServiceW
GetSidSubAuthorityCount
GetSidSubAuthority
OpenServiceW

kernel32

IsValidLocale
HeapDestroy
WideCharToMultiByte
IsValidCodePage
TlsSetValue
FindResourceW
GetCurrentThreadId
RtlUnwind
VirtualQuery
VirtualAlloc
GetSystemDirectoryW
GetStdHandle
TlsAlloc
WaitForSingleObject
FreeEnvironmentStringsA
SetLastError
DeleteCriticalSection
OpenFileMappingW
GetSystemTimeAsFileTime
VirtualFree
LeaveCriticalSection
GetCommandLineA
CompareStringW
EnterCriticalSection
SizeofResource
GetUserDefaultLCID
DeleteFileW
TlsFree
LockResource
CloseHandle
HeapAlloc
GetSystemInfo
GetFileType
GetComputerNameA
GetDateFormatA
GetOEMCP
GetACP
HeapFree
HeapReAlloc
CompareStringA
FreeEnvironmentStringsW
HeapSize
CreateFileW
CreateThread
SetFilePointer
TlsGetValue
FatalAppExitA
VirtualProtect
SetEnvironmentVariableA
MapViewOfFile
LCMapStringW
FlushFileBuffers
DeviceIoControl
UnhandledExceptionFilter
SetStdHandle
WriteFile
GetModuleHandleA
LCMapStringA
LoadResource
OpenEventW
SetHandleCount
GetTimeZoneInformation
GetTimeFormatA
EnumSystemLocalesA
LoadLibraryW

user32

LoadStringW

esent

JetCreateIndex
JetDelete
JetCreateTable
JetSetCurrentIndex3
JetOpenTempTable
JetCommitTransaction
JetSetColumnDefaultValue
JetConvertDDL
JetBeginSession
JetAttachDatabase2
JetRegisterCallback
JetCreateIndex2
JetCloseDatabase
JetGetDatabaseInfo
JetCloseFile
JetEnumerateColumns
JetDupCursor
JetGotoPosition
JetGetBookmark
JetGetTruncateLogInfoInstance

d3d8thk

OsThunkDdUnattachSurface
OsThunkDdQueryDirectDrawObject
OsThunkDdGetMoCompFormats
OsThunkDdGetMoCompGuids
OsThunkDdBeginMoCompFrame
OsThunkDdLock
OsThunkDdCanCreateD3DBuffer

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 334KB - Virtual size: 990KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d52c2c4e145b7748b92dff407047e01

Headers

File Characteristics

Imports

advapi32

kernel32

user32

esent

d3d8thk

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 334KB - Virtual size: 990KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 334KB - Virtual size: 990KB

.rsrc
Size: 3KB - Virtual size: 3KB